Accepted graphicsmagick 1.4+really1.3.33+hg16115-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 28 Sep 2019 10:57:12 +0000
Source: graphicsmagick
Architecture: source
Version: 1.4+really1.3.33+hg16115-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changes:
graphicsmagick (1.4+really1.3.33+hg16115-1) unstable; urgency=high
.
* Mercurial snapshot, fixing the following security issues:
- ReadMNGImage(): skip coalescing layers if there is only one layer,
- DrawStrokePolygon(): handle case where TraceStrokePolygon() returns
NULL,
- DrawDashPolygon(): handle case where DrawStrokePolygon() returns
MagickFail,
- TraceBezier(): detect arithmetic overflow and return errors via
normal error path rather than exiting,
- ExtractTokensBetweenPushPop(): fix non-terminal parsing loop,
- GenerateEXIFAttribute(): check that we are not being directed to read
an IFD that we are already parsing and quit in order to avoid a loop,
- ReallocColormap(): avoid dereferencing a NULL pointer if
image->colormap is NULL,
- png_read_raw_profile(): fix validation of raw profile length,
- TraceArcPath(): substitute a lineto command when tracing arc is
impossible,
- GenerateEXIFAttribute(): skip unsupported/invalid format 0.
Checksums-Sha1:
c3150bbd20a787faa1fe37324e37dc221adb3378 2946 graphicsmagick_1.4+really1.3.33+hg16115-1.dsc
5f9ea5d67556ff07143a025bfbd0420bf673423d 5601464 graphicsmagick_1.4+really1.3.33+hg16115.orig.tar.xz
6c213464daf840e39b8c4249572d8060ef307589 145168 graphicsmagick_1.4+really1.3.33+hg16115-1.debian.tar.xz
Checksums-Sha256:
c06074951c8ca9ae3d3414ddd0116c58b64c0a68d41a1d3704ed37c26c548bff 2946 graphicsmagick_1.4+really1.3.33+hg16115-1.dsc
d1d297667be84f46f8adc275e5a91e76b0437b2244913209e43db8f6d916c865 5601464 graphicsmagick_1.4+really1.3.33+hg16115.orig.tar.xz
f46e92eac2d3e37806b5d1ed907b50d5672e701282587ca6d973ed3b7138a572 145168 graphicsmagick_1.4+really1.3.33+hg16115-1.debian.tar.xz
Files:
b0d44468b6edf31748bf9a0ae13b7081 2946 graphics optional graphicsmagick_1.4+really1.3.33+hg16115-1.dsc
e05bb2aaec642f27f388860986553f30 5601464 graphics optional graphicsmagick_1.4+really1.3.33+hg16115.orig.tar.xz
743c42114ad94923806e50dedb0ee6de 145168 graphics optional graphicsmagick_1.4+really1.3.33+hg16115-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAl2PpUsACgkQ3OMQ54ZM
yL8ouQ/8CKcUTTxG/xxyX4x8/WLdfUT4x6H3iz1+Sn4YPwmzw1Tzgisslomsu8og
FyuV5+NpiKqFm1LW5KzcJixG+o9OzjeVDgizhFWgy27Y79J0WNAkUvS4HD+DqiT5
r3dBAbpOW4b9PZePSQiAt2O6Nm9/brM4tV+pmTBx69XG7De/KTg8TWg7FkznBT6v
Pc5Rsx3E3b/9Yjpb9v9hcJRMIwdWmZA9D6rrqXqW9iWdYe9fBgjKbDpVj4RjWxAm
nn+rv7gXLr7WIujcAt8cj1MBS41bAIDqiny9j5Bv6Xuz3M+sLGXsDg8a/lsPlZ9k
YsUIHljh0xYPmnEgcqcne0hPH7+6RZWG6yYAEVk66S+31mwCyirGmBAZQPFQeed8
jUo0rdP9MccZ9pv2JdUJfkP5TW05zCb1h+B1y/Liy4OSPncJLuAxi9n5cvrBa/49
B2qJivUqykhYm7VkyKQ5ruBdPlyv68Ufe9C/AdnRbZpzRmlFQQuPYQ8x5u02hj3O
AVFJ7r62Huj9G4i3qxb1k3Z+7APNGPrCJh6IliaBNlrRjDmZCGl70DGbMF1JqknD
ZDbFOCaSWc3CjFbJ8iSaznxgDl+3gMYcp+baMZNLxj3AJFWsFqXlhxr91zLWv4LT
EiIUipw5bIJOZlI2LnKvV9RpytUIRNxhiljqBacddgkgCxaYKyM=
=W/22
-----END PGP SIGNATURE-----